Enhanced Flush+Reload Attack on AES
Authors
Abstract:
In cloud computing, multiple users can share the same physical machine that can potentially leak secret information, in particular when the memory de-duplication is enabled. Flush+Reload attack is a cache-based attack that makes use of resource sharing. T-table implementation of AES is commonly used in the crypto libraries like OpenSSL. Several Flush+Reload attacks on T-table implementation of AES have been proposed in the literature which requires a notable number of encryptions. In this paper, we present a technique to enhance the Flush+Reload attack on AES in the ciphertext-only scenario by significantly reducing the number of needed encryptions in both native and cross-VM setups. In this paper, we focus on finding the wrong key candidates and keep the right key by considering only the cache miss event. Our attack is faster than previous Flush+Reload attacks. In particular, our method can speed-up the Flush+Reload attack in cross-VM environment significantly. To verify the theoretical model, we implemented the proposed attack.
similar resources
A Fault Based Attack on MDS-AES
In this paper a fault based attack on MDS-AES has been proposed. It has been shown that inducing random byte fault at the input of the ninth round of the MDS-AES algorithm the key can be retrieved. Simulation shows that two faulty cipher text pairs are required to deduce the key without any brute-force search. If one faulty encryption is considered then the actual key can be ascertained with a ...
full textAES Flow Interception: Key Snooping Method on Virtual Machine - Exception Handling Attack for AES-NI -
In this paper, we propose a method for snooping AES encryption key on Virtual Machine Monitor (VMM), and we present countermeasures against this attack. Recently, virtualization technology has rapidly emerged as a key technology for cloud computing. In general, the virtualization technology composes two software parts: one is virtual machine (VM) management software called Virtual Machine Monit...
full textDistinguisher and Related-Key Attack on the Full AES-256
In this paper we construct a chosen-key distinguisher and a related-key attack on the full 256-bit key AES. We define a notion of differential q-multicollision and show that for AES-256 q-multicollisions can be constructed in time q · 2 and with negligible memory, while we prove that the same task for an ideal cipher of the same block size would require at least O(q · 2 q−1 q+1 ) time. Using si...
full textDifferential Power Analysis Attack on FPGA Implementation of AES
Cryptographic devices have found their way into a wide range of application and the topic of their security has reached great research importance. It has been proved that encryption device leaks information, which can be exploited by various attacks such as power analysis, timing analysis and electro-magnetic radiation. Differential power analysis is a powerful and efficient cryptanalytic techn...
full textA Cache Timing Attack on AES in Virtualization Environments
We show in this paper that the isolation characteristic of system virtualization can be bypassed by the use of a cache timing attack. Using Bernstein’s correlation in this attack, an adversary is able to extract sensitive keying material from an isolated trusted execution domain. We demonstrate this cache timing attack on an embedded ARMbased platform running an L4 microkernel as virtualization...
full textFeasible Attack on the 13-round AES-256
In this note we present the first attack with feasible complexity on the 13-round AES-256. The attack runs in the related-subkey scenario with four related keys, in 2 time, data, and memory.
full textMy Resources
Journal title
volume 12 issue 2
pages 69- 77
publication date 2020-07-01
By following a journal you will be notified via email when a new issue of this journal is published.
Hosted on Doprax cloud platform doprax.com
copyright © 2015-2023